Cyber Security and Cyber Forensics Articles/Tutorials

Creating a wifi hotspot from your system(PC/Laptop) is a cool trick that we can use to perform numerous activities depending upon the user. This trick can be used by both an attacker/hacker as well as normal people. Attacker can use it to create open networks. As we already know that open networks are dangerous and are not secured at all. Open network  leaves traffic unencrypted and even attack such as man-in-the-middle based attackes are widely famous in open networks. This is one of the huge trust issue with open networks hence it is always suggested not to connect to an open network such as public wifi. Similarly, normal people with good intention can also use it to create a hotspot of the connected network on which several other people can connect. It is a very simple and easy trick that can be done in couple of minutes.  Step 1:- Open Command Prompt Step2:- Type:- netsh wlan set hostednetwork mode=allow ssid=Nameofthehotspot key=password In case of above e...

This blog mainly focuses on finding the wifi password on a connected system. Many people might find it funny or even find this blog un-necessary but this blog is mainly for the people who want to learn small command prompt trick with the help of which people can find the password of a already connected network. This trick can be used and is applicable for people who want to know the password of maybe friends or neighbors wifi password. If the person or user is allowed to get an access to the victims system then he/she can easily find the password of the network using this simple trick. Your friend/neighbour may trust you with  his/her system but might not give your their wifi passwords in this case we can use this trick to find their wifi password. Generally the systems that are connected to home network or organizations network tend to auto save the password and auto connect to them, In such scenario if a person is able to get an access to victims system then he/she she can ...

Windows registry analysis is an integral part of generating or gathering evidence against cyber crimes. Every operating system has its own file system and its own registry. The registry is a database of stored configuration information about the users, hardware, and software on a Windows system. Although the registry was designed to configure the system, to do so, it tracks such a plethora of information about the user's activities, the devices connected to system, what software was used and when, etc. All of this can be useful for the forensic investigator in tracking the who, what, where, and when of a forensic investigation.  In Case of windows registry, there are root folders. These root folders are referred to as hives. There are five (5) registry hives. 1. HKEY_USERS: contains all the loaded user profiles 2. HKEYCURRENT_USER : profile of the currently logged-on user 3. HKEYCLASSES_ROOT: configuration information on the application used to open files 4. HK...

JSQL is a lightweight application that is inbuilt in kali linux but it is  open source and platform independent  (Windows, Linux, Mac OS X, Solaris).   used to find database information from a distant server. This is another injection tool just like SQLMAP but is a lot more user friendly cause SQLMAP is command line based whereas JSQL is Graphical User Interface(GUI) Based. If you guys haven't seen the article and tutorial on SQLMAP then click here . JSQL is more convenient and more easier to use as no commands will be used to perform injection.  As JSQL is platform independent interested people can download it in their respective platform or can use it easily if they are using kali linux. In this tutorial i am going to use kali linux and JSQL is already installed in kali linux. JSQL is under Application-> Database Assessment-> JSQL Injection .   First thing that we will require is the url of the website that we want to hack...

Making own dictionary from words not listed in the normal English dictionary can be helpful specially for people who want to crack passwords based on some person's name, surname or native language words( Example Nepali word, Hindi Word etc). Since most of the word list that are used to hack into a system or crack passwords contain words from English dictionary, passwords such as name of person, surname of person, pet-name and specially words of native language aren't included in that word list as they aren't defined in the English dictionary. This is one the most crucial drawback of dictionary attack. Apart from selective words problem, dictionary attacks usually take lot of time cause they attempt all the words present in the word-list as passwords to crack the authentication system. If we make our own dictionary then it will also help in saving time. But making our own dictionary can only be helpful to only those people who have a hint to what the password might be an...

In current context of digitized  world where everything is done over internet, lot of information can be found online. The data can either be private to people or can be public to everyone with no privacy. Everyday lots of data are getting stored in different databases of different websites throughout the world and it is becoming harder to store and protect the data from evasion at the same time. Unauthorized access to such databases can lead to leak of large amount of confidential information related to a person or even an organization. Hackers tend to steal a lot of information through such database by getting either getting authorized or unauthorized access. One of the most common method to get an access to the information's available in a websites database is SQL injection based attacks.  SQL Injection is a type of an  injection  attack that makes it possible to execute malicious SQL Statements.  With the right set of queries, a user can gain access, u...